#!/bin/bash
set -euo pipefail
source "$(dirname "${BASH_SOURCE[0]}")/../../lib/logging.sh"

log "Installing anti-malware tools (clamav, clamtk, rkhunter)..."
sudo pacman -S --noconfirm --needed \
    clamav clamtk rkhunter

log "Installing chkrootkit (AUR)..."
yay -S --aur --noconfirm --needed chkrootkit

# initialise ClamAV database (first run)
if [[ ! -f /var/lib/clamav/main.cvd ]] && [[ ! -f /var/lib/clamav/main.cld ]]; then
    log "Running initial freshclam (virus database update)..."
    sudo freshclam
else
    skip "ClamAV database already present."
fi

# cron job: update virus definitions twice a day
CRON_FILE=/etc/cron.d/freshclam
if [[ ! -f "$CRON_FILE" ]]; then
    log "Installing freshclam cron job (twice daily)..."
    sudo tee "$CRON_FILE" > /dev/null <<'EOF'
# Update ClamAV virus definitions twice a day
0 */12 * * * root /usr/bin/freshclam --quiet 2>/dev/null
EOF
    sudo chmod 644 "$CRON_FILE"
else
    skip "freshclam cron job already configured."
fi

log "Anti-malware tools installed."